The present disclosure relates to an identity-based (ID-based) encryption (IBE) and signature method and a terminal, and more particularly, to an ID-based encryption and signature method and a terminal that can distinguish between an encrypted file and a file to which a signature is appended.
In a secret-key-based cryptosystem, a file is encrypted and then transmitted on the assumption that the transmitter and the receiver hold the same symmetric key. To transmit an encrypted file to a plurality of counterparts, a transmitter must hold a symmetric key for each of those counterparts. However, in an environment in which most data is shared online and its volume runs into astronomical figures, it is practically impossible for all people or devices to generate, share, store and manage the same symmetric key in order to encrypt and share a file. For this reason, an existing secret-key cryptosystem has a fundamental difficulty in managing users and keys, whose numbers increase exponentially.
On the other hand, a public key infrastructure (PKI) cryptosystem uses asymmetric keys, that is, a pair consisting of a public key and a secret key. Since the PKI cryptosystem operates by setting a secret key and calculating a public key from that secret key, a receiver side receiving an encrypted key cannot determine, from the public key alone, whose secret key it corresponds to. Thus, the relationship between user information, such as an accredited certificate, and a public key should be checked by an accredited certificate authority, and to this end, the accredited certificate authority issues a certificate to guarantee the relationship between the public key and an actual user. In other words, the PKI cryptosystem requires a certificate authority that issues and verifies accredited certificates online, an accredited certificate including information on a public key, at least one directory in which the accredited certificate including the public key is stored, an accredited certificate management system, and so on.